Why a cybersecurity solution for driverless cars may be found under the hood

Autonomous vehicles were one of the most talked about technologies in 2016. Ever since Tesla, Google and Uber put these vehicles on the consumer trend map — as well as beer deliveries — I’ve been daydreaming of the day I might own one myself. Unfortunately for me, and the automotive industry, that day might not be coming too soon.

Wired reporter Andy Greenberg chronicled his “real-life” experience driving a hijacked Jeep Cherokee. Andy agreed to be the guinea pig for two St. Louis-based researchers, whom he refers to as “hijackers.” While Andy drove the vehicle, the two hijackers experimented with just how far they could hack into the vehicle’s computerized system. What started as a hijacking of the vehicle’s air conditioning and music ended with a disabled accelerator and a powerless driver.

Andy’s exposé highlighted just how easy it can be for a seasoned professional to hack into a car, and it drew national attention among consumers and law makers. Last year the National Highway Transportation Safety Administration (NHTSA) released guidelines stating that automakers should make cybersecurity a priority. While most would agree that the NHTSA is correct in its guidance, there is one major problem: cybersecurity is a never-ending battle. Individuals with enough technical skills, patience and desire to profit will find a way around the latest security barriers.

What’s critical in the new world of constantly connected devices, particularly autonomous vehicles, is that we must take a holistic view of cybersecurity that goes beyond more complex encryption.

The vulnerability of connected devices

Assuming that the cybersecurity issues can be resolved in the next few years, autonomous vehicles will become one of the leading contributors to the Internet of Things (IoT). Similar to other IoT devices, like mobile phones and wearable fitness trackers, autonomous vehicles will also generate consumer data that will influence the way businesses, government and other policy makers operate. But like most connected devices in the IoT, the software infrastructures and data generated from autonomous vehicles will also become more exposed to risks.

In fact, Munich Re, the world’s second-largest reinsurer, found that 55 percent of corporate risk managers surveyed in a recent study named cybersecurity as their top concern for autonomous vehicles. Even more alarming, 64 percent of companies surveyed say they feel completely unprepared to address cybersecurity.

Solutions and insights generated from location-based data has moved beyond the nice-to-have.

Hackers thrive on vulnerabilities, and they’re already starting to take advantage of unprotected autonomous vehicles. In August of last year, hackers were arrested for stealing more than 100 cars in Texas simply by using a computer to unlock and start the vehicles.

Automakers have poured billions of dollars into developing autonomous vehicles, but if they can’t keep the cars and their drivers safe, I’ll never have one of these vehicles sitting in my garage. While the NHTSA may not have all the answers to addressing cybersecurity threats, automakers may be able to look under the hood of their own vehicles to find a potential solution.

Re-imagining GPS

Devices in the IoT are unique in that they generate a wealth of data, including location-based data. So whether it’s your phone, your mobile device or your car, consumers that opt-in for location-based services allow these devices to capture both their movements and what they’re doing at each point along their journey.

Autonomous vehicles are utilizing and capturing location-based data, which can be analyzed to identify behaviors like vehicle movement, speed, average drive times or even proximity to other objects, like other vehicles and retail stores, which in return can benefit the consumer.

Location-based data offers consumers and businesses the potential to reveal a great deal of information. Retailers are already leveraging data generated by cars to inform their site selection decisions, and the public sector is using the data for civic improvement and planning projects.

Consumers are also benefiting from the data by being able to route their cars to avoid traffic jams, or reduce their insurance deductibles for their good driving behavior. But the most notable perk from location-based data may also be used to uncover abnormalities in behaviors, which could be used to detect and limit actions taken by hackers.

For example, when a hazard symbol flashes on your dashboard, the data your car generates is telling the system that there is a problem — maybe your tire pressure is low, you need an oil change or there’s a door that has not been completely closed. Your vehicle knows how it should operate; if the data suggests it’s not running as it should, you’re immediately alerted with the hazard light.

Theoretically, the same type of real-time alert infrastructure could help resolve cybersecurity threats and more traditional thefts, which could lead to new or expanded offerings by vehicle monitoring companies like OnStar, UConnect, Blue Link, Ford Synch, etc. If drivers allow these organizations or safety officials to monitor their vehicle’s location and have a complete view of typical driving behaviors, officials can be alerted immediately to any behaviors that may stray from expectations — and shut down the vehicle in an emergency situation.

So if an autonomous vehicle is speeding through a residential neighborhood, creeping to a halt on a major interstate or not slowing down as it approaches a red light, officials may be able to override the computerized system, and a potential hacker, to restore the vehicle to a safe-driving state. Alternately, if it is determined that the vehicle is being driven without authorization, the same systems can be used to potentially keep the driver trapped until law enforcement arrive.

By leveraging the existing infrastructures that are in place, automakers can potentially turn up a notch their location-based infrastructure and internal diagnostics — while potentially addressing the cybersecurity and vehicle theft problems.

The future of driverless vehicles

No one has the answer to solving this potentially multi-billion dollar crisis automakers are facing, but I believe an answer might be uncovered by leveraging the location-based infrastructure that is already in place. We live in a world where technology is growing at rapid speeds, and most companies don’t have the time or money to reinvent the wheel every time something new is introduced in the market.

Automakers already have the infrastructure in place for capturing and using location-based data, and they’ve been able to monetize those capabilities with industries that benefit from that data. But the same could apply for the safety of their customers.

Solutions and insights generated from location-based data has moved beyond the nice-to-have — it’s a need-to-have to keep drivers safe when they’re behind the wheel of an autonomous vehicle.